2 * Copyright (c) 2022, 2023 Stefan Sperling <stsp@openbsd.org>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 #include "got_compat.h"
19 #include <sys/types.h>
20 #include <sys/queue.h>
21 #include <sys/socket.h>
36 #include "got_compat.h"
38 #include "got_error.h"
39 #include "got_repository.h"
40 #include "got_object.h"
42 #include "got_reference.h"
43 #include "got_opentemp.h"
45 #include "got_lib_hash.h"
46 #include "got_lib_delta.h"
47 #include "got_lib_object.h"
48 #include "got_lib_object_cache.h"
49 #include "got_lib_pack.h"
50 #include "got_lib_repository.h"
51 #include "got_lib_gitproto.h"
57 struct gotd_session_notif {
58 STAILQ_ENTRY(gotd_session_notif) entry;
60 enum gotd_notification_action action;
62 struct got_object_id old_id;
63 struct got_object_id new_id;
65 STAILQ_HEAD(gotd_session_notifications, gotd_session_notif) notifications;
67 static struct gotd_session {
70 struct got_repository *repo;
71 struct gotd_repo *repo_cfg;
74 struct gotd_imsgev parent_iev;
75 struct gotd_imsgev notifier_iev;
76 struct timeval request_timeout;
77 enum gotd_procid proc_id;
78 enum gotd_session_state state;
79 struct gotd_imsgev repo_child_iev;
82 static struct gotd_session_client {
84 struct gotd_client_capability *capabilities;
90 struct gotd_imsgev iev;
100 } gotd_session_client;
102 void gotd_session_sighdlr(int sig, short event, void *arg);
103 static void gotd_session_shutdown(void);
106 disconnect(struct gotd_session_client *client)
108 log_debug("uid %d: disconnecting", client->euid);
110 if (gotd_imsg_compose_event(&gotd_session.parent_iev,
111 GOTD_IMSG_DISCONNECT, gotd_session.proc_id, -1, NULL, 0) == -1)
112 log_warn("imsg compose DISCONNECT");
114 imsg_clear(&gotd_session.repo_child_iev.ibuf);
115 event_del(&gotd_session.repo_child_iev.ev);
116 evtimer_del(&client->tmo);
118 if (client->delta_cache_fd != -1)
119 close(client->delta_cache_fd);
120 if (client->packfile_path) {
121 if (unlink(client->packfile_path) == -1 && errno != ENOENT)
122 log_warn("unlink %s: ", client->packfile_path);
123 free(client->packfile_path);
125 if (client->packidx_path) {
126 if (unlink(client->packidx_path) == -1 && errno != ENOENT)
127 log_warn("unlink %s: ", client->packidx_path);
128 free(client->packidx_path);
130 free(client->capabilities);
132 gotd_session_shutdown();
136 disconnect_on_error(struct gotd_session_client *client,
137 const struct got_error *err)
141 if (err->code != GOT_ERR_EOF) {
142 log_warnx("uid %d: %s", client->euid, err->msg);
143 imsg_init(&ibuf, client->fd);
144 gotd_imsg_send_error(&ibuf, 0, gotd_session.proc_id, err);
152 gotd_request_timeout(int fd, short events, void *arg)
154 struct gotd_session_client *client = arg;
156 log_debug("disconnecting uid %d due to timeout", client->euid);
161 gotd_session_sighdlr(int sig, short event, void *arg)
164 * Normal signal handler rules don't apply because libevent
170 log_info("%s: ignoring SIGHUP", __func__);
173 log_info("%s: ignoring SIGUSR1", __func__);
177 gotd_session_shutdown();
181 fatalx("unexpected signal");
185 static const struct got_error *
186 recv_packfile_done(struct imsg *imsg)
190 log_debug("packfile-done received");
192 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
194 return got_error(GOT_ERR_PRIVSEP_LEN);
199 static const struct got_error *
200 recv_packfile_install(struct imsg *imsg)
202 struct gotd_imsg_packfile_install inst;
205 log_debug("packfile-install received");
207 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
208 if (datalen != sizeof(inst))
209 return got_error(GOT_ERR_PRIVSEP_LEN);
210 memcpy(&inst, imsg->data, sizeof(inst));
215 static const struct got_error *
216 recv_ref_updates_start(struct imsg *imsg)
218 struct gotd_imsg_ref_updates_start istart;
221 log_debug("ref-updates-start received");
223 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
224 if (datalen != sizeof(istart))
225 return got_error(GOT_ERR_PRIVSEP_LEN);
226 memcpy(&istart, imsg->data, sizeof(istart));
231 static const struct got_error *
232 recv_ref_update(struct imsg *imsg)
234 struct gotd_imsg_ref_update iref;
237 log_debug("ref-update received");
239 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
240 if (datalen < sizeof(iref))
241 return got_error(GOT_ERR_PRIVSEP_LEN);
242 memcpy(&iref, imsg->data, sizeof(iref));
247 static const struct got_error *
248 send_ref_update_ok(struct gotd_session_client *client,
249 struct gotd_imsg_ref_update *iref, const char *refname)
251 struct gotd_imsg_ref_update_ok iok;
252 struct gotd_imsgev *iev = &client->iev;
256 memset(&iok, 0, sizeof(iok));
257 memcpy(iok.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
258 memcpy(iok.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
259 iok.name_len = strlen(refname);
261 len = sizeof(iok) + iok.name_len;
262 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_REF_UPDATE_OK,
263 gotd_session.proc_id, gotd_session.pid, len);
265 return got_error_from_errno("imsg_create REF_UPDATE_OK");
267 if (imsg_add(wbuf, &iok, sizeof(iok)) == -1)
268 return got_error_from_errno("imsg_add REF_UPDATE_OK");
269 if (imsg_add(wbuf, refname, iok.name_len) == -1)
270 return got_error_from_errno("imsg_add REF_UPDATE_OK");
272 imsg_close(&iev->ibuf, wbuf);
273 gotd_imsg_event_add(iev);
278 send_refs_updated(struct gotd_session_client *client)
280 if (gotd_imsg_compose_event(&client->iev, GOTD_IMSG_REFS_UPDATED,
281 gotd_session.proc_id, -1, NULL, 0) == -1)
282 log_warn("imsg compose REFS_UPDATED");
285 static const struct got_error *
286 send_ref_update_ng(struct gotd_session_client *client,
287 struct gotd_imsg_ref_update *iref, const char *refname,
290 const struct got_error *ng_err;
291 struct gotd_imsg_ref_update_ng ing;
292 struct gotd_imsgev *iev = &client->iev;
296 memset(&ing, 0, sizeof(ing));
297 memcpy(ing.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
298 memcpy(ing.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
299 ing.name_len = strlen(refname);
301 ng_err = got_error_fmt(GOT_ERR_REF_BUSY, "%s", reason);
302 ing.reason_len = strlen(ng_err->msg);
304 len = sizeof(ing) + ing.name_len + ing.reason_len;
305 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_REF_UPDATE_NG,
306 gotd_session.proc_id, gotd_session.pid, len);
308 return got_error_from_errno("imsg_create REF_UPDATE_NG");
310 if (imsg_add(wbuf, &ing, sizeof(ing)) == -1)
311 return got_error_from_errno("imsg_add REF_UPDATE_NG");
312 if (imsg_add(wbuf, refname, ing.name_len) == -1)
313 return got_error_from_errno("imsg_add REF_UPDATE_NG");
314 if (imsg_add(wbuf, ng_err->msg, ing.reason_len) == -1)
315 return got_error_from_errno("imsg_add REF_UPDATE_NG");
317 imsg_close(&iev->ibuf, wbuf);
318 gotd_imsg_event_add(iev);
322 static const struct got_error *
323 install_pack(struct gotd_session_client *client, const char *repo_path,
326 const struct got_error *err = NULL;
327 struct gotd_imsg_packfile_install inst;
328 char hex[SHA1_DIGEST_STRING_LENGTH];
330 char *packfile_path = NULL, *packidx_path = NULL;
332 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
333 if (datalen != sizeof(inst))
334 return got_error(GOT_ERR_PRIVSEP_LEN);
335 memcpy(&inst, imsg->data, sizeof(inst));
337 if (client->packfile_path == NULL)
338 return got_error_msg(GOT_ERR_BAD_REQUEST,
339 "client has no pack file");
340 if (client->packidx_path == NULL)
341 return got_error_msg(GOT_ERR_BAD_REQUEST,
342 "client has no pack file index");
344 if (got_sha1_digest_to_str(inst.pack_sha1, hex, sizeof(hex)) == NULL)
345 return got_error_msg(GOT_ERR_NO_SPACE,
346 "could not convert pack file SHA1 to hex");
348 if (asprintf(&packfile_path, "/%s/%s/pack-%s.pack",
349 repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
350 err = got_error_from_errno("asprintf");
354 if (asprintf(&packidx_path, "/%s/%s/pack-%s.idx",
355 repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
356 err = got_error_from_errno("asprintf");
360 if (rename(client->packfile_path, packfile_path) == -1) {
361 err = got_error_from_errno3("rename", client->packfile_path,
366 free(client->packfile_path);
367 client->packfile_path = NULL;
369 if (rename(client->packidx_path, packidx_path) == -1) {
370 err = got_error_from_errno3("rename", client->packidx_path,
375 /* Ensure we re-read the pack index list upon next access. */
376 gotd_session.repo->pack_path_mtime.tv_sec = 0;
377 gotd_session.repo->pack_path_mtime.tv_nsec = 0;
379 free(client->packidx_path);
380 client->packidx_path = NULL;
387 static const struct got_error *
388 begin_ref_updates(struct gotd_session_client *client, struct imsg *imsg)
390 struct gotd_imsg_ref_updates_start istart;
393 if (client->nref_updates != -1)
394 return got_error(GOT_ERR_PRIVSEP_MSG);
396 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
397 if (datalen != sizeof(istart))
398 return got_error(GOT_ERR_PRIVSEP_LEN);
399 memcpy(&istart, imsg->data, sizeof(istart));
401 if (istart.nref_updates <= 0)
402 return got_error(GOT_ERR_PRIVSEP_MSG);
404 client->nref_updates = istart.nref_updates;
408 static const struct got_error *
409 validate_namespace(const char *namespace)
411 size_t len = strlen(namespace);
413 if (len < 5 || strncmp("refs/", namespace, 5) != 0 ||
414 namespace[len - 1] != '/') {
415 return got_error_fmt(GOT_ERR_BAD_REF_NAME,
416 "reference namespace '%s'", namespace);
422 static const struct got_error *
423 queue_notification(struct got_object_id *old_id, struct got_object_id *new_id,
424 struct got_repository *repo, struct got_reference *ref)
426 const struct got_error *err = NULL;
427 struct gotd_repo *repo_cfg = gotd_session.repo_cfg;
428 struct gotd_imsgev *iev = &gotd_session.repo_child_iev;
429 struct got_pathlist_entry *pe;
430 struct gotd_session_notif *notif;
432 if (iev->ibuf.fd == -1 ||
433 STAILQ_EMPTY(&repo_cfg->notification_targets))
434 return NULL; /* notifications unused */
436 TAILQ_FOREACH(pe, &repo_cfg->notification_refs, entry) {
437 const char *refname = pe->path;
438 if (strcmp(got_ref_get_name(ref), refname) == 0)
442 TAILQ_FOREACH(pe, &repo_cfg->notification_ref_namespaces,
444 const char *namespace = pe->path;
446 err = validate_namespace(namespace);
449 if (strncmp(namespace, got_ref_get_name(ref),
450 strlen(namespace)) == 0)
456 * If a branch or a reference namespace was specified in the
457 * configuration file then only send notifications if a match
460 if (pe == NULL && (!TAILQ_EMPTY(&repo_cfg->notification_refs) ||
461 !TAILQ_EMPTY(&repo_cfg->notification_ref_namespaces)))
464 notif = calloc(1, sizeof(*notif));
466 return got_error_from_errno("calloc");
471 notif->action = GOTD_NOTIF_ACTION_CREATED;
472 else if (new_id == NULL)
473 notif->action = GOTD_NOTIF_ACTION_REMOVED;
475 notif->action = GOTD_NOTIF_ACTION_CHANGED;
478 memcpy(¬if->old_id, old_id, sizeof(notif->old_id));
480 memcpy(¬if->new_id, new_id, sizeof(notif->new_id));
482 notif->refname = strdup(got_ref_get_name(ref));
483 if (notif->refname == NULL) {
484 err = got_error_from_errno("strdup");
488 STAILQ_INSERT_TAIL(¬ifications, notif, entry);
491 free(notif->refname);
497 /* Forward notification content to the NOTIFY process. */
498 static const struct got_error *
499 forward_notification(struct gotd_session_client *client, struct imsg *imsg)
501 const struct got_error *err = NULL;
502 struct gotd_imsgev *iev = &gotd_session.notifier_iev;
503 struct gotd_session_notif *notif;
504 struct gotd_imsg_notification_content icontent;
505 char *refname = NULL;
507 struct gotd_imsg_notify inotify;
510 memset(&inotify, 0, sizeof(inotify));
512 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
513 if (datalen < sizeof(icontent))
514 return got_error(GOT_ERR_PRIVSEP_LEN);
515 memcpy(&icontent, imsg->data, sizeof(icontent));
516 if (datalen != sizeof(icontent) + icontent.refname_len)
517 return got_error(GOT_ERR_PRIVSEP_LEN);
518 refname = strndup(imsg->data + sizeof(icontent), icontent.refname_len);
520 return got_error_from_errno("strndup");
522 notif = STAILQ_FIRST(¬ifications);
524 return got_error(GOT_ERR_PRIVSEP_MSG);
526 STAILQ_REMOVE(¬ifications, notif, gotd_session_notif, entry);
528 if (notif->action != icontent.action || notif->fd == -1 ||
529 strcmp(notif->refname, refname) != 0) {
530 err = got_error(GOT_ERR_PRIVSEP_MSG);
533 if (notif->action == GOTD_NOTIF_ACTION_CREATED) {
534 if (memcmp(notif->new_id.sha1, icontent.new_id,
535 SHA1_DIGEST_LENGTH) != 0) {
536 err = got_error_msg(GOT_ERR_PRIVSEP_MSG,
537 "received notification content for unknown event");
540 } else if (notif->action == GOTD_NOTIF_ACTION_REMOVED) {
541 if (memcmp(notif->old_id.sha1, icontent.old_id,
542 SHA1_DIGEST_LENGTH) != 0) {
543 err = got_error_msg(GOT_ERR_PRIVSEP_MSG,
544 "received notification content for unknown event");
547 } else if (memcmp(notif->old_id.sha1, icontent.old_id,
548 SHA1_DIGEST_LENGTH) != 0 ||
549 memcmp(notif->new_id.sha1, icontent.new_id,
550 SHA1_DIGEST_LENGTH) != 0) {
551 err = got_error_msg(GOT_ERR_PRIVSEP_MSG,
552 "received notification content for unknown event");
556 switch (notif->action) {
557 case GOTD_NOTIF_ACTION_CREATED:
560 case GOTD_NOTIF_ACTION_REMOVED:
563 case GOTD_NOTIF_ACTION_CHANGED:
567 err = got_error(GOT_ERR_PRIVSEP_MSG);
571 strlcpy(inotify.repo_name, gotd_session.repo_cfg->name,
572 sizeof(inotify.repo_name));
574 snprintf(inotify.subject_line, sizeof(inotify.subject_line),
575 "%s: %s %s %s", gotd_session.repo_cfg->name,
576 client->username, action, notif->refname);
578 if (gotd_imsg_compose_event(iev, GOTD_IMSG_NOTIFY,
579 PROC_SESSION_WRITE, notif->fd, &inotify, sizeof(inotify))
581 err = got_error_from_errno("imsg compose NOTIFY");
593 /* Request notification content from REPO_WRITE process. */
594 static const struct got_error *
595 request_notification(struct gotd_session_notif *notif)
597 const struct got_error *err = NULL;
598 struct gotd_imsgev *iev = &gotd_session.repo_child_iev;
599 struct gotd_imsg_notification_content icontent;
604 fd = got_opentempfd();
606 return got_error_from_errno("got_opentemp");
608 memset(&icontent, 0, sizeof(icontent));
610 icontent.action = notif->action;
611 memcpy(&icontent.old_id, ¬if->old_id, sizeof(notif->old_id));
612 memcpy(&icontent.new_id, ¬if->new_id, sizeof(notif->new_id));
613 icontent.refname_len = strlen(notif->refname);
615 len = sizeof(icontent) + icontent.refname_len;
616 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_NOTIFY,
617 gotd_session.proc_id, gotd_session.pid, len);
619 err = got_error_from_errno("imsg_create NOTIFY");
622 if (imsg_add(wbuf, &icontent, sizeof(icontent)) == -1) {
623 err = got_error_from_errno("imsg_add NOTIFY");
626 if (imsg_add(wbuf, notif->refname, icontent.refname_len) == -1) {
627 err = got_error_from_errno("imsg_add NOTIFY");
632 if (notif->fd == -1) {
633 err = got_error_from_errno("dup");
637 ibuf_fd_set(wbuf, fd);
640 imsg_close(&iev->ibuf, wbuf);
641 gotd_imsg_event_add(iev);
648 static const struct got_error *
649 update_ref(int *shut, struct gotd_session_client *client,
650 const char *repo_path, struct imsg *imsg)
652 const struct got_error *err = NULL;
653 struct got_repository *repo = gotd_session.repo;
654 struct got_reference *ref = NULL;
655 struct gotd_imsg_ref_update iref;
656 struct got_object_id old_id, new_id;
657 struct gotd_session_notif *notif;
658 struct got_object_id *id = NULL;
659 char *refname = NULL;
662 char hex1[SHA1_DIGEST_STRING_LENGTH];
663 char hex2[SHA1_DIGEST_STRING_LENGTH];
665 log_debug("update-ref from uid %d", client->euid);
667 if (client->nref_updates <= 0)
668 return got_error(GOT_ERR_PRIVSEP_MSG);
670 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
671 if (datalen < sizeof(iref))
672 return got_error(GOT_ERR_PRIVSEP_LEN);
673 memcpy(&iref, imsg->data, sizeof(iref));
674 if (datalen != sizeof(iref) + iref.name_len)
675 return got_error(GOT_ERR_PRIVSEP_LEN);
676 refname = strndup(imsg->data + sizeof(iref), iref.name_len);
678 return got_error_from_errno("strndup");
680 log_debug("updating ref %s for uid %d", refname, client->euid);
682 memcpy(old_id.sha1, iref.old_id, SHA1_DIGEST_LENGTH);
683 memcpy(new_id.sha1, iref.new_id, SHA1_DIGEST_LENGTH);
684 err = got_repo_find_object_id(iref.delete_ref ? &old_id : &new_id,
689 if (iref.ref_is_new) {
690 err = got_ref_open(&ref, repo, refname, 0);
692 if (err->code != GOT_ERR_NOT_REF)
694 err = got_ref_alloc(&ref, refname, &new_id);
697 err = got_ref_write(ref, repo); /* will lock/unlock */
700 err = queue_notification(NULL, &new_id, repo, ref);
704 err = got_ref_resolve(&id, repo, ref);
707 got_object_id_hex(&new_id, hex1, sizeof(hex1));
708 got_object_id_hex(id, hex2, sizeof(hex2));
709 err = got_error_fmt(GOT_ERR_REF_BUSY,
710 "Addition %s: %s failed; %s: %s has been "
711 "created by someone else while transaction "
713 got_ref_get_name(ref), hex1,
714 got_ref_get_name(ref), hex2);
717 } else if (iref.delete_ref) {
718 err = got_ref_open(&ref, repo, refname, 1 /* lock */);
723 err = got_ref_resolve(&id, repo, ref);
727 if (got_object_id_cmp(id, &old_id) != 0) {
728 got_object_id_hex(&old_id, hex1, sizeof(hex1));
729 got_object_id_hex(id, hex2, sizeof(hex2));
730 err = got_error_fmt(GOT_ERR_REF_BUSY,
731 "Deletion %s: %s failed; %s: %s has been "
732 "created by someone else while transaction "
734 got_ref_get_name(ref), hex1,
735 got_ref_get_name(ref), hex2);
739 err = got_ref_delete(ref, repo);
742 err = queue_notification(&old_id, NULL, repo, ref);
748 err = got_ref_open(&ref, repo, refname, 1 /* lock */);
753 err = got_ref_resolve(&id, repo, ref);
757 if (got_object_id_cmp(id, &old_id) != 0) {
758 got_object_id_hex(&old_id, hex1, sizeof(hex1));
759 got_object_id_hex(id, hex2, sizeof(hex2));
760 err = got_error_fmt(GOT_ERR_REF_BUSY,
761 "Update %s: %s failed; %s: %s has been "
762 "created by someone else while transaction "
764 got_ref_get_name(ref), hex1,
765 got_ref_get_name(ref), hex2);
769 if (got_object_id_cmp(&new_id, &old_id) != 0) {
770 err = got_ref_change_ref(ref, &new_id);
773 err = got_ref_write(ref, repo);
776 err = queue_notification(&old_id, &new_id, repo, ref);
786 if (err->code == GOT_ERR_LOCKFILE_TIMEOUT) {
787 err = got_error_fmt(GOT_ERR_LOCKFILE_TIMEOUT,
788 "could not acquire exclusive file lock for %s",
791 send_ref_update_ng(client, &iref, refname, err->msg);
793 send_ref_update_ok(client, &iref, refname);
795 if (client->nref_updates > 0) {
796 client->nref_updates--;
797 if (client->nref_updates == 0) {
798 send_refs_updated(client);
799 notif = STAILQ_FIRST(¬ifications);
801 gotd_session.state = GOTD_STATE_NOTIFY;
802 err = request_notification(notif);
804 log_warn("could not send notification: "
806 client->flush_disconnect = 1;
809 client->flush_disconnect = 1;
814 const struct got_error *unlock_err;
815 unlock_err = got_ref_unlock(ref);
816 if (unlock_err && err == NULL)
826 static const struct got_error *
827 recv_notification_content(struct imsg *imsg)
829 struct gotd_imsg_notification_content inotif;
832 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
833 if (datalen < sizeof(inotif))
834 return got_error(GOT_ERR_PRIVSEP_LEN);
835 memcpy(&inotif, imsg->data, sizeof(inotif));
841 session_dispatch_repo_child(int fd, short event, void *arg)
843 struct gotd_imsgev *iev = arg;
844 struct imsgbuf *ibuf = &iev->ibuf;
845 struct gotd_session_client *client = &gotd_session_client;
850 if (event & EV_READ) {
851 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
852 fatal("imsg_read error");
854 /* Connection closed. */
860 if (event & EV_WRITE) {
861 n = msgbuf_write(&ibuf->w);
862 if (n == -1 && errno != EAGAIN)
863 fatal("msgbuf_write");
865 /* Connection closed. */
872 const struct got_error *err = NULL;
873 uint32_t client_id = 0;
874 int do_disconnect = 0;
875 int do_ref_updates = 0, do_ref_update = 0;
876 int do_packfile_install = 0, do_notify = 0;
878 if ((n = imsg_get(ibuf, &imsg)) == -1)
879 fatal("%s: imsg_get error", __func__);
880 if (n == 0) /* No more messages. */
883 switch (imsg.hdr.type) {
884 case GOTD_IMSG_ERROR:
886 err = gotd_imsg_recv_error(&client_id, &imsg);
888 case GOTD_IMSG_PACKFILE_DONE:
890 err = recv_packfile_done(&imsg);
892 case GOTD_IMSG_PACKFILE_INSTALL:
893 err = recv_packfile_install(&imsg);
895 do_packfile_install = 1;
897 case GOTD_IMSG_REF_UPDATES_START:
898 err = recv_ref_updates_start(&imsg);
902 case GOTD_IMSG_REF_UPDATE:
903 err = recv_ref_update(&imsg);
907 case GOTD_IMSG_NOTIFY:
908 err = recv_notification_content(&imsg);
913 log_debug("unexpected imsg %d", imsg.hdr.type);
919 disconnect_on_error(client, err);
923 struct gotd_session_notif *notif;
925 if (do_packfile_install)
926 err = install_pack(client,
927 gotd_session.repo->path, &imsg);
928 else if (do_ref_updates)
929 err = begin_ref_updates(client, &imsg);
930 else if (do_ref_update)
931 err = update_ref(&shut, client,
932 gotd_session.repo->path, &imsg);
934 err = forward_notification(client, &imsg);
936 log_warnx("uid %d: %s", client->euid, err->msg);
938 notif = STAILQ_FIRST(¬ifications);
939 if (notif && do_notify) {
940 /* Request content for next notification. */
941 err = request_notification(notif);
943 log_warn("could not send notification: "
953 gotd_imsg_event_add(iev);
955 /* This pipe is dead. Remove its event handler */
957 event_loopexit(NULL);
961 static const struct got_error *
962 recv_capabilities(struct gotd_session_client *client, struct imsg *imsg)
964 struct gotd_imsg_capabilities icapas;
967 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
968 if (datalen != sizeof(icapas))
969 return got_error(GOT_ERR_PRIVSEP_LEN);
970 memcpy(&icapas, imsg->data, sizeof(icapas));
972 client->ncapa_alloc = icapas.ncapabilities;
973 client->capabilities = calloc(client->ncapa_alloc,
974 sizeof(*client->capabilities));
975 if (client->capabilities == NULL) {
976 client->ncapa_alloc = 0;
977 return got_error_from_errno("calloc");
980 log_debug("expecting %zu capabilities from uid %d",
981 client->ncapa_alloc, client->euid);
985 static const struct got_error *
986 recv_capability(struct gotd_session_client *client, struct imsg *imsg)
988 struct gotd_imsg_capability icapa;
989 struct gotd_client_capability *capa;
991 char *key, *value = NULL;
993 if (client->capabilities == NULL ||
994 client->ncapabilities >= client->ncapa_alloc) {
995 return got_error_msg(GOT_ERR_BAD_REQUEST,
996 "unexpected capability received");
999 memset(&icapa, 0, sizeof(icapa));
1001 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1002 if (datalen < sizeof(icapa))
1003 return got_error(GOT_ERR_PRIVSEP_LEN);
1004 memcpy(&icapa, imsg->data, sizeof(icapa));
1006 if (datalen != sizeof(icapa) + icapa.key_len + icapa.value_len)
1007 return got_error(GOT_ERR_PRIVSEP_LEN);
1009 key = strndup(imsg->data + sizeof(icapa), icapa.key_len);
1011 return got_error_from_errno("strndup");
1012 if (icapa.value_len > 0) {
1013 value = strndup(imsg->data + sizeof(icapa) + icapa.key_len,
1015 if (value == NULL) {
1017 return got_error_from_errno("strndup");
1021 capa = &client->capabilities[client->ncapabilities++];
1023 capa->value = value;
1026 log_debug("uid %d: capability %s=%s", client->euid, key, value);
1028 log_debug("uid %d: capability %s", client->euid, key);
1033 static const struct got_error *
1034 ensure_client_is_reading(struct gotd_session_client *client)
1036 if (client->is_writing) {
1037 return got_error_fmt(GOT_ERR_BAD_PACKET,
1038 "uid %d made a read-request but is not reading from "
1039 "a repository", client->euid);
1045 static const struct got_error *
1046 ensure_client_is_writing(struct gotd_session_client *client)
1048 if (!client->is_writing) {
1049 return got_error_fmt(GOT_ERR_BAD_PACKET,
1050 "uid %d made a write-request but is not writing to "
1051 "a repository", client->euid);
1057 static const struct got_error *
1058 forward_want(struct gotd_session_client *client, struct imsg *imsg)
1060 struct gotd_imsg_want ireq;
1061 struct gotd_imsg_want iwant;
1064 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1065 if (datalen != sizeof(ireq))
1066 return got_error(GOT_ERR_PRIVSEP_LEN);
1068 memcpy(&ireq, imsg->data, datalen);
1070 memset(&iwant, 0, sizeof(iwant));
1071 memcpy(iwant.object_id, ireq.object_id, SHA1_DIGEST_LENGTH);
1073 if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
1074 GOTD_IMSG_WANT, gotd_session.proc_id, -1,
1075 &iwant, sizeof(iwant)) == -1)
1076 return got_error_from_errno("imsg compose WANT");
1081 static const struct got_error *
1082 forward_ref_update(struct gotd_session_client *client, struct imsg *imsg)
1084 const struct got_error *err = NULL;
1085 struct gotd_imsg_ref_update ireq;
1086 struct gotd_imsg_ref_update *iref = NULL;
1089 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1090 if (datalen < sizeof(ireq))
1091 return got_error(GOT_ERR_PRIVSEP_LEN);
1092 memcpy(&ireq, imsg->data, sizeof(ireq));
1093 if (datalen != sizeof(ireq) + ireq.name_len)
1094 return got_error(GOT_ERR_PRIVSEP_LEN);
1096 iref = malloc(datalen);
1098 return got_error_from_errno("malloc");
1099 memcpy(iref, imsg->data, datalen);
1101 if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
1102 GOTD_IMSG_REF_UPDATE, gotd_session.proc_id, -1,
1103 iref, datalen) == -1)
1104 err = got_error_from_errno("imsg compose REF_UPDATE");
1109 static const struct got_error *
1110 forward_have(struct gotd_session_client *client, struct imsg *imsg)
1112 struct gotd_imsg_have ireq;
1113 struct gotd_imsg_have ihave;
1116 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1117 if (datalen != sizeof(ireq))
1118 return got_error(GOT_ERR_PRIVSEP_LEN);
1120 memcpy(&ireq, imsg->data, datalen);
1122 memset(&ihave, 0, sizeof(ihave));
1123 memcpy(ihave.object_id, ireq.object_id, SHA1_DIGEST_LENGTH);
1125 if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
1126 GOTD_IMSG_HAVE, gotd_session.proc_id, -1,
1127 &ihave, sizeof(ihave)) == -1)
1128 return got_error_from_errno("imsg compose HAVE");
1134 client_has_capability(struct gotd_session_client *client, const char *capastr)
1136 struct gotd_client_capability *capa;
1139 if (client->ncapabilities == 0)
1142 for (i = 0; i < client->ncapabilities; i++) {
1143 capa = &client->capabilities[i];
1144 if (strcmp(capa->key, capastr) == 0)
1151 static const struct got_error *
1152 recv_packfile(struct gotd_session_client *client)
1154 const struct got_error *err = NULL;
1155 struct gotd_imsg_recv_packfile ipack;
1156 char *basepath = NULL, *pack_path = NULL, *idx_path = NULL;
1157 int packfd = -1, idxfd = -1;
1158 int pipe[2] = { -1, -1 };
1160 if (client->packfile_path) {
1161 return got_error_fmt(GOT_ERR_PRIVSEP_MSG,
1162 "uid %d already has a pack file", client->euid);
1165 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
1166 return got_error_from_errno("socketpair");
1168 /* Send pack pipe end 0 to repo child process. */
1169 if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
1170 GOTD_IMSG_PACKFILE_PIPE, gotd_session.proc_id, pipe[0],
1172 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
1178 /* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
1179 if (gotd_imsg_compose_event(&client->iev,
1180 GOTD_IMSG_PACKFILE_PIPE, gotd_session.proc_id, pipe[1],
1182 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
1185 if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.pack",
1186 got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
1187 client->euid) == -1) {
1188 err = got_error_from_errno("asprintf");
1192 err = got_opentemp_named_fd(&pack_path, &packfd, basepath, "");
1195 if (fchmod(packfd, GOT_DEFAULT_PACK_MODE) == -1) {
1196 err = got_error_from_errno2("fchmod", pack_path);
1201 if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.idx",
1202 got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
1203 client->euid) == -1) {
1204 err = got_error_from_errno("asprintf");
1208 err = got_opentemp_named_fd(&idx_path, &idxfd, basepath, "");
1211 if (fchmod(idxfd, GOT_DEFAULT_PACK_MODE) == -1) {
1212 err = got_error_from_errno2("fchmod", idx_path);
1216 if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
1217 GOTD_IMSG_PACKIDX_FILE, gotd_session.proc_id,
1218 idxfd, NULL, 0) == -1) {
1219 err = got_error_from_errno("imsg compose PACKIDX_FILE");
1225 memset(&ipack, 0, sizeof(ipack));
1226 if (client_has_capability(client, GOT_CAPA_REPORT_STATUS))
1227 ipack.report_status = 1;
1229 if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
1230 GOTD_IMSG_RECV_PACKFILE, gotd_session.proc_id, packfd,
1231 &ipack, sizeof(ipack)) == -1) {
1232 err = got_error_from_errno("imsg compose RECV_PACKFILE");
1240 if (pipe[0] != -1 && close(pipe[0]) == -1 && err == NULL)
1241 err = got_error_from_errno("close");
1242 if (pipe[1] != -1 && close(pipe[1]) == -1 && err == NULL)
1243 err = got_error_from_errno("close");
1244 if (packfd != -1 && close(packfd) == -1 && err == NULL)
1245 err = got_error_from_errno("close");
1246 if (idxfd != -1 && close(idxfd) == -1 && err == NULL)
1247 err = got_error_from_errno("close");
1252 client->packfile_path = pack_path;
1253 client->packidx_path = idx_path;
1258 static const struct got_error *
1259 send_packfile(struct gotd_session_client *client)
1261 const struct got_error *err = NULL;
1262 struct gotd_imsg_send_packfile ipack;
1265 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
1266 return got_error_from_errno("socketpair");
1268 memset(&ipack, 0, sizeof(ipack));
1270 if (client_has_capability(client, GOT_CAPA_SIDE_BAND_64K))
1271 ipack.report_progress = 1;
1273 client->delta_cache_fd = got_opentempfd();
1274 if (client->delta_cache_fd == -1)
1275 return got_error_from_errno("got_opentempfd");
1277 if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
1278 GOTD_IMSG_SEND_PACKFILE, PROC_GOTD, client->delta_cache_fd,
1279 &ipack, sizeof(ipack)) == -1) {
1280 err = got_error_from_errno("imsg compose SEND_PACKFILE");
1286 /* Send pack pipe end 0 to repo child process. */
1287 if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
1288 GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD, pipe[0], NULL, 0) == -1) {
1289 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
1294 /* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
1295 if (gotd_imsg_compose_event(&client->iev,
1296 GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD, pipe[1], NULL, 0) == -1)
1297 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
1303 session_dispatch_client(int fd, short events, void *arg)
1305 struct gotd_imsgev *iev = arg;
1306 struct imsgbuf *ibuf = &iev->ibuf;
1307 struct gotd_session_client *client = &gotd_session_client;
1308 const struct got_error *err = NULL;
1312 if (events & EV_WRITE) {
1313 while (ibuf->w.queued) {
1314 n = msgbuf_write(&ibuf->w);
1315 if (n == -1 && errno == EPIPE) {
1317 * The client has closed its socket.
1318 * This can happen when Git clients are
1319 * done sending pack file data.
1321 msgbuf_clear(&ibuf->w);
1323 } else if (n == -1 && errno != EAGAIN) {
1324 err = got_error_from_errno("imsg_flush");
1325 disconnect_on_error(client, err);
1329 /* Connection closed. */
1330 err = got_error(GOT_ERR_EOF);
1331 disconnect_on_error(client, err);
1336 if (client->flush_disconnect) {
1342 if ((events & EV_READ) == 0)
1345 memset(&imsg, 0, sizeof(imsg));
1347 while (err == NULL) {
1348 err = gotd_imsg_recv(&imsg, ibuf, 0);
1350 if (err->code == GOT_ERR_PRIVSEP_READ)
1352 else if (err->code == GOT_ERR_EOF &&
1353 gotd_session.state ==
1354 GOTD_STATE_EXPECT_CAPABILITIES) {
1356 * The client has closed its socket before
1357 * sending its capability announcement.
1358 * This can happen when Git clients have
1359 * no ref-updates to send.
1361 disconnect_on_error(client, err);
1367 evtimer_del(&client->tmo);
1369 switch (imsg.hdr.type) {
1370 case GOTD_IMSG_CAPABILITIES:
1371 if (gotd_session.state !=
1372 GOTD_STATE_EXPECT_CAPABILITIES) {
1373 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1374 "unexpected capabilities received");
1377 log_debug("receiving capabilities from uid %d",
1379 err = recv_capabilities(client, &imsg);
1381 case GOTD_IMSG_CAPABILITY:
1382 if (gotd_session.state != GOTD_STATE_EXPECT_CAPABILITIES) {
1383 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1384 "unexpected capability received");
1387 err = recv_capability(client, &imsg);
1388 if (err || client->ncapabilities < client->ncapa_alloc)
1390 if (!client->is_writing) {
1391 gotd_session.state = GOTD_STATE_EXPECT_WANT;
1392 client->accept_flush_pkt = 1;
1393 log_debug("uid %d: expecting want-lines",
1395 } else if (client->is_writing) {
1396 gotd_session.state = GOTD_STATE_EXPECT_REF_UPDATE;
1397 client->accept_flush_pkt = 1;
1398 log_debug("uid %d: expecting ref-update-lines",
1401 fatalx("client %d is both reading and writing",
1404 case GOTD_IMSG_WANT:
1405 if (gotd_session.state != GOTD_STATE_EXPECT_WANT) {
1406 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1407 "unexpected want-line received");
1410 log_debug("received want-line from uid %d",
1412 err = ensure_client_is_reading(client);
1415 client->accept_flush_pkt = 1;
1416 err = forward_want(client, &imsg);
1418 case GOTD_IMSG_REF_UPDATE:
1419 if (gotd_session.state != GOTD_STATE_EXPECT_REF_UPDATE &&
1420 gotd_session.state !=
1421 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1422 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1423 "unexpected ref-update-line received");
1426 log_debug("received ref-update-line from uid %d",
1428 err = ensure_client_is_writing(client);
1431 err = forward_ref_update(client, &imsg);
1434 gotd_session.state = GOTD_STATE_EXPECT_MORE_REF_UPDATES;
1435 client->accept_flush_pkt = 1;
1437 case GOTD_IMSG_HAVE:
1438 if (gotd_session.state != GOTD_STATE_EXPECT_HAVE) {
1439 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1440 "unexpected have-line received");
1443 log_debug("received have-line from uid %d",
1445 err = ensure_client_is_reading(client);
1448 err = forward_have(client, &imsg);
1451 client->accept_flush_pkt = 1;
1453 case GOTD_IMSG_FLUSH:
1454 if (gotd_session.state == GOTD_STATE_EXPECT_WANT ||
1455 gotd_session.state == GOTD_STATE_EXPECT_HAVE) {
1456 err = ensure_client_is_reading(client);
1459 } else if (gotd_session.state ==
1460 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1461 err = ensure_client_is_writing(client);
1464 } else if (gotd_session.state != GOTD_STATE_EXPECT_DONE) {
1465 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1466 "unexpected flush-pkt received");
1469 if (!client->accept_flush_pkt) {
1470 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1471 "unexpected flush-pkt received");
1476 * Accept just one flush packet at a time.
1477 * Future client state transitions will set this flag
1478 * again if another flush packet is expected.
1480 client->accept_flush_pkt = 0;
1482 log_debug("received flush-pkt from uid %d",
1484 if (gotd_session.state == GOTD_STATE_EXPECT_WANT) {
1485 gotd_session.state = GOTD_STATE_EXPECT_HAVE;
1486 log_debug("uid %d: expecting have-lines",
1488 } else if (gotd_session.state == GOTD_STATE_EXPECT_HAVE) {
1489 gotd_session.state = GOTD_STATE_EXPECT_DONE;
1490 client->accept_flush_pkt = 1;
1491 log_debug("uid %d: expecting 'done'",
1493 } else if (gotd_session.state ==
1494 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1495 gotd_session.state = GOTD_STATE_EXPECT_PACKFILE;
1496 log_debug("uid %d: expecting packfile",
1498 err = recv_packfile(client);
1499 } else if (gotd_session.state != GOTD_STATE_EXPECT_DONE) {
1500 /* should not happen, see above */
1501 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1502 "unexpected client state");
1506 case GOTD_IMSG_DONE:
1507 if (gotd_session.state != GOTD_STATE_EXPECT_HAVE &&
1508 gotd_session.state != GOTD_STATE_EXPECT_DONE) {
1509 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1510 "unexpected flush-pkt received");
1513 log_debug("received 'done' from uid %d", client->euid);
1514 err = ensure_client_is_reading(client);
1517 gotd_session.state = GOTD_STATE_DONE;
1518 client->accept_flush_pkt = 1;
1519 err = send_packfile(client);
1522 log_debug("unexpected imsg %d", imsg.hdr.type);
1523 err = got_error(GOT_ERR_PRIVSEP_MSG);
1531 if (err->code != GOT_ERR_EOF ||
1532 gotd_session.state != GOTD_STATE_EXPECT_PACKFILE)
1533 disconnect_on_error(client, err);
1535 gotd_imsg_event_add(iev);
1536 evtimer_add(&client->tmo, &gotd_session.request_timeout);
1540 static const struct got_error *
1541 list_refs_request(void)
1543 static const struct got_error *err;
1544 struct gotd_session_client *client = &gotd_session_client;
1545 struct gotd_imsgev *iev = &gotd_session.repo_child_iev;
1548 if (gotd_session.state != GOTD_STATE_EXPECT_LIST_REFS)
1549 return got_error(GOT_ERR_PRIVSEP_MSG);
1551 fd = dup(client->fd);
1553 return got_error_from_errno("dup");
1555 if (gotd_imsg_compose_event(iev, GOTD_IMSG_LIST_REFS_INTERNAL,
1556 gotd_session.proc_id, fd, NULL, 0) == -1) {
1557 err = got_error_from_errno("imsg compose LIST_REFS_INTERNAL");
1562 gotd_session.state = GOTD_STATE_EXPECT_CAPABILITIES;
1563 log_debug("uid %d: expecting capabilities", client->euid);
1567 static const struct got_error *
1568 recv_connect(struct imsg *imsg)
1570 struct gotd_session_client *client = &gotd_session_client;
1571 struct gotd_imsg_connect iconnect;
1574 if (gotd_session.state != GOTD_STATE_EXPECT_LIST_REFS)
1575 return got_error(GOT_ERR_PRIVSEP_MSG);
1577 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1578 if (datalen < sizeof(iconnect))
1579 return got_error(GOT_ERR_PRIVSEP_LEN);
1580 memcpy(&iconnect, imsg->data, sizeof(iconnect));
1581 if (iconnect.username_len == 0 ||
1582 datalen != sizeof(iconnect) + iconnect.username_len)
1583 return got_error(GOT_ERR_PRIVSEP_LEN);
1585 client->euid = iconnect.euid;
1586 client->egid = iconnect.egid;
1587 client->fd = imsg_get_fd(imsg);
1588 if (client->fd == -1)
1589 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1591 client->username = strndup(imsg->data + sizeof(iconnect),
1592 iconnect.username_len);
1593 if (client->username == NULL)
1594 return got_error_from_errno("strndup");
1596 imsg_init(&client->iev.ibuf, client->fd);
1597 client->iev.handler = session_dispatch_client;
1598 client->iev.events = EV_READ;
1599 client->iev.handler_arg = NULL;
1600 event_set(&client->iev.ev, client->iev.ibuf.fd, EV_READ,
1601 session_dispatch_client, &client->iev);
1602 gotd_imsg_event_add(&client->iev);
1603 evtimer_set(&client->tmo, gotd_request_timeout, client);
1609 session_dispatch_notifier(int fd, short event, void *arg)
1611 const struct got_error *err;
1612 struct gotd_session_client *client = &gotd_session_client;
1613 struct gotd_imsgev *iev = arg;
1614 struct imsgbuf *ibuf = &iev->ibuf;
1618 struct gotd_session_notif *notif;
1620 if (event & EV_READ) {
1621 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
1622 fatal("imsg_read error");
1624 /* Connection closed. */
1630 if (event & EV_WRITE) {
1631 n = msgbuf_write(&ibuf->w);
1632 if (n == -1 && errno != EAGAIN)
1633 fatal("msgbuf_write");
1635 /* Connection closed. */
1642 if ((n = imsg_get(ibuf, &imsg)) == -1)
1643 fatal("%s: imsg_get error", __func__);
1644 if (n == 0) /* No more messages. */
1647 switch (imsg.hdr.type) {
1648 case GOTD_IMSG_NOTIFICATION_SENT:
1649 if (gotd_session.state != GOTD_STATE_NOTIFY) {
1650 log_warn("unexpected imsg %d", imsg.hdr.type);
1653 notif = STAILQ_FIRST(¬ifications);
1654 if (notif == NULL) {
1656 break; /* NOTREACHED */
1658 /* Request content for the next notification. */
1659 err = request_notification(notif);
1661 log_warn("could not send notification: %s",
1667 log_debug("unexpected imsg %d", imsg.hdr.type);
1675 gotd_imsg_event_add(iev);
1677 /* This pipe is dead. Remove its event handler */
1678 event_del(&iev->ev);
1679 imsg_clear(&iev->ibuf);
1680 imsg_init(&iev->ibuf, -1);
1684 static const struct got_error *
1685 recv_notifier(struct imsg *imsg)
1687 struct gotd_imsgev *iev = &gotd_session.notifier_iev;
1688 struct gotd_session_client *client = &gotd_session_client;
1692 if (gotd_session.state != GOTD_STATE_EXPECT_LIST_REFS)
1693 return got_error(GOT_ERR_PRIVSEP_MSG);
1695 /* We should already have received a pipe to the listener. */
1696 if (client->fd == -1)
1697 return got_error(GOT_ERR_PRIVSEP_MSG);
1699 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1701 return got_error(GOT_ERR_PRIVSEP_LEN);
1703 fd = imsg_get_fd(imsg);
1705 return NULL; /* notifications unused */
1707 imsg_init(&iev->ibuf, fd);
1708 iev->handler = session_dispatch_notifier;
1709 iev->events = EV_READ;
1710 iev->handler_arg = NULL;
1711 event_set(&iev->ev, iev->ibuf.fd, EV_READ,
1712 session_dispatch_notifier, iev);
1713 gotd_imsg_event_add(iev);
1718 static const struct got_error *
1719 recv_repo_child(struct imsg *imsg)
1721 struct gotd_imsg_connect_repo_child ichild;
1722 struct gotd_session_client *client = &gotd_session_client;
1726 if (gotd_session.state != GOTD_STATE_EXPECT_LIST_REFS)
1727 return got_error(GOT_ERR_PRIVSEP_MSG);
1729 /* We should already have received a pipe to the listener. */
1730 if (client->fd == -1)
1731 return got_error(GOT_ERR_PRIVSEP_MSG);
1733 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1734 if (datalen != sizeof(ichild))
1735 return got_error(GOT_ERR_PRIVSEP_LEN);
1737 memcpy(&ichild, imsg->data, sizeof(ichild));
1739 if (ichild.proc_id == PROC_REPO_WRITE)
1740 client->is_writing = 1;
1741 else if (ichild.proc_id == PROC_REPO_READ)
1742 client->is_writing = 0;
1744 return got_error_msg(GOT_ERR_PRIVSEP_MSG,
1745 "bad child process type");
1747 fd = imsg_get_fd(imsg);
1749 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1751 imsg_init(&gotd_session.repo_child_iev.ibuf, fd);
1752 gotd_session.repo_child_iev.handler = session_dispatch_repo_child;
1753 gotd_session.repo_child_iev.events = EV_READ;
1754 gotd_session.repo_child_iev.handler_arg = NULL;
1755 event_set(&gotd_session.repo_child_iev.ev,
1756 gotd_session.repo_child_iev.ibuf.fd, EV_READ,
1757 session_dispatch_repo_child, &gotd_session.repo_child_iev);
1758 gotd_imsg_event_add(&gotd_session.repo_child_iev);
1760 /* The "recvfd" pledge promise is no longer needed. */
1761 if (pledge("stdio rpath wpath cpath sendfd fattr flock", NULL) == -1)
1768 session_dispatch(int fd, short event, void *arg)
1770 struct gotd_imsgev *iev = arg;
1771 struct imsgbuf *ibuf = &iev->ibuf;
1772 struct gotd_session_client *client = &gotd_session_client;
1777 if (event & EV_READ) {
1778 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
1779 fatal("imsg_read error");
1781 /* Connection closed. */
1787 if (event & EV_WRITE) {
1788 n = msgbuf_write(&ibuf->w);
1789 if (n == -1 && errno != EAGAIN)
1790 fatal("msgbuf_write");
1792 /* Connection closed. */
1799 const struct got_error *err = NULL;
1800 uint32_t client_id = 0;
1801 int do_disconnect = 0, do_list_refs = 0;
1803 if ((n = imsg_get(ibuf, &imsg)) == -1)
1804 fatal("%s: imsg_get error", __func__);
1805 if (n == 0) /* No more messages. */
1808 switch (imsg.hdr.type) {
1809 case GOTD_IMSG_ERROR:
1811 err = gotd_imsg_recv_error(&client_id, &imsg);
1813 case GOTD_IMSG_CONNECT:
1814 err = recv_connect(&imsg);
1816 case GOTD_IMSG_DISCONNECT:
1819 case GOTD_IMSG_CONNECT_NOTIFIER:
1820 err = recv_notifier(&imsg);
1822 case GOTD_IMSG_CONNECT_REPO_CHILD:
1823 err = recv_repo_child(&imsg);
1829 log_debug("unexpected imsg %d", imsg.hdr.type);
1834 if (do_disconnect) {
1836 disconnect_on_error(client, err);
1839 } else if (do_list_refs)
1840 err = list_refs_request();
1843 log_warnx("uid %d: %s", client->euid, err->msg);
1847 gotd_imsg_event_add(iev);
1849 /* This pipe is dead. Remove its event handler */
1850 event_del(&iev->ev);
1851 event_loopexit(NULL);
1856 session_main(const char *title, const char *repo_path,
1857 int *pack_fds, int *temp_fds, struct timeval *request_timeout,
1858 struct gotd_repo *repo_cfg, enum gotd_procid proc_id)
1860 const struct got_error *err = NULL;
1861 struct event evsigint, evsigterm, evsighup, evsigusr1;
1863 STAILQ_INIT(¬ifications);
1865 gotd_session.title = title;
1866 gotd_session.pid = getpid();
1867 gotd_session.pack_fds = pack_fds;
1868 gotd_session.temp_fds = temp_fds;
1869 memcpy(&gotd_session.request_timeout, request_timeout,
1870 sizeof(gotd_session.request_timeout));
1871 gotd_session.repo_cfg = repo_cfg;
1872 gotd_session.proc_id = proc_id;
1874 imsg_init(&gotd_session.notifier_iev.ibuf, -1);
1876 err = got_repo_open(&gotd_session.repo, repo_path, NULL, pack_fds);
1879 if (!got_repo_is_bare(gotd_session.repo)) {
1880 err = got_error_msg(GOT_ERR_NOT_GIT_REPO,
1881 "bare git repository required");
1885 got_repo_temp_fds_set(gotd_session.repo, temp_fds);
1887 signal_set(&evsigint, SIGINT, gotd_session_sighdlr, NULL);
1888 signal_set(&evsigterm, SIGTERM, gotd_session_sighdlr, NULL);
1889 signal_set(&evsighup, SIGHUP, gotd_session_sighdlr, NULL);
1890 signal_set(&evsigusr1, SIGUSR1, gotd_session_sighdlr, NULL);
1891 signal(SIGPIPE, SIG_IGN);
1893 signal_add(&evsigint, NULL);
1894 signal_add(&evsigterm, NULL);
1895 signal_add(&evsighup, NULL);
1896 signal_add(&evsigusr1, NULL);
1898 gotd_session.state = GOTD_STATE_EXPECT_LIST_REFS;
1900 gotd_session_client.fd = -1;
1901 gotd_session_client.nref_updates = -1;
1902 gotd_session_client.delta_cache_fd = -1;
1903 gotd_session_client.accept_flush_pkt = 1;
1905 imsg_init(&gotd_session.parent_iev.ibuf, GOTD_FILENO_MSG_PIPE);
1906 gotd_session.parent_iev.handler = session_dispatch;
1907 gotd_session.parent_iev.events = EV_READ;
1908 gotd_session.parent_iev.handler_arg = NULL;
1909 event_set(&gotd_session.parent_iev.ev, gotd_session.parent_iev.ibuf.fd,
1910 EV_READ, session_dispatch, &gotd_session.parent_iev);
1911 if (gotd_imsg_compose_event(&gotd_session.parent_iev,
1912 GOTD_IMSG_CLIENT_SESSION_READY, gotd_session.proc_id,
1913 -1, NULL, 0) == -1) {
1914 err = got_error_from_errno("imsg compose CLIENT_SESSION_READY");
1921 log_warnx("%s: %s", title, err->msg);
1922 gotd_session_shutdown();
1926 gotd_session_shutdown(void)
1928 struct gotd_session_notif *notif;
1930 log_debug("shutting down");
1932 while (!STAILQ_EMPTY(¬ifications)) {
1933 notif = STAILQ_FIRST(¬ifications);
1934 STAILQ_REMOVE_HEAD(¬ifications, entry);
1935 if (notif->fd != -1)
1937 free(notif->refname);
1941 if (gotd_session.repo)
1942 got_repo_close(gotd_session.repo);
1943 got_repo_pack_fds_close(gotd_session.pack_fds);
1944 got_repo_temp_fds_close(gotd_session.temp_fds);
1945 free(gotd_session_client.username);